Your Path to Achieving PCI DSS Compliance is a Phone Call Away

I want to tell you about a small non-profit, Level 4 merchant that struggled with achieving PCI DSS Compliance.

Two years ago they hired a local QSA company that provided some training and a summary of recommendations. This summary didn’t provide an assessment of where they were versus where they needed to be for PCI Compliance purposes.

Nor did the summary include clear, actionable steps that this non-profit could implement to improve their compliance posture and stop the monthly fines for non-compliance.

After engaging with Payment Card Assessments, we put together a statement of work that provided them with an affordable gap assessment for their cardholder data environments.

In our final set of deliverables we:

1. Outlined actionable steps to improve their processes and procedures, especially around stored payment card data.

2. Provided a side-by-side analysis of v3.2.1 and v4.0 requirements.

3. Recommended a path to maintaining continuous PCI Compliance for not just v3.2.1 but for v4.0 as well.

After they crossed the finish line and submitted their attestation of compliance for both their e-commerce and P2P environments, we received the following email:

“You gave us more actionable steps than the QSA did. I believe we’ll be thanking you for the next 6 months.”

Achieving PCI DSS Compliance Is No Easy Feat

We’re here to help. Are you ready to tackle your PCI DSS Compliance responsibilities and establish a continuous PCI DSS Compliance program?

At Payment Card Assessments, we developed our 3 Pillars of PCI DSS Compliance Excellence and through these pillars, we provide thorough:

We can show you how to create and maintain a PCI Compliance Program that your acquirer will love.

We bring a combined 20+ years of PCI DSS Compliance experience and well over 35 years each of IT Security and Project Management experience to the table. 

Learn more about our leadership team and schedule a call today!


Documentation Can Make Or Break Your PCI DSS Compliance Program

Why Do I Need So Much Documentation for PCI DSS Compliance?

I can hear you roll your eyes, but I’m glad you asked that question.

As a former senior IT security director once told me, “PCI compliance is an exercise in killing trees.”

I get it. Most people would rather have a root canal than document critical PCI Compliance processes.


26 Apr 2024

The Internal Security Assessor’s Guide to Mastering PCI DSS Requirements With Frequencies

A PCI DSS compliance expert highlights the critical role of adhering to defined and periodic frequency requirements in maintaining security measures. Frequent reviews, such as every six months for network security control rule sets, are mandatory. Failure in compliance can lead to severe repercussions for organizations. Payment Card Assessments aids compliance through automation, education, and operation strategies, enhancing program effectiveness. Proper process implementation and training are essential for meeting PCI DSS standards and leveraging tools like the Requirement Frequency template enhances compliance management.
